When we think of cyberattacks, we often think of large financial institutions in big cities like New York or major retailers like Target. Indiana business leaders might be forgiven for thinking, hey, it probably won’t happen to us.
However, cybercriminals frequently attack small Indiana businesses, agencies and organizations. According to Indiana state data, there were nearly 12,000 cybercrime incidents in 2022, equaling almost $74 million in losses.
Clearly, organizational leaders in the state need to be aware of the cyber threats for Indiana businesses. These threats can target individual users, companies and even government agencies. Awareness is an essential first step before moving on to prevention.
What Exactly Is a Cyber Threat?
A cyber threat is any individual or software that is focused on gaining unauthorized access to a computer network, usually to cause some damage. Cyber threats are the vessel through which a cyber attack takes place.
One common goal of a cyberattack is to gain access to valuable information, such as financial information or intellectual property. Another popular reason for a cyberattack is to hold a system hostage until a ransom is paid. Sometimes, vandals or activists simply want to disrupt a system and not extract anything of value.
What Are the Most Common Cyber Threats That Indiana Businesses Face?
It's difficult to gather cybersecurity information from private businesses. This makes it hard to grasp the full scale of cyber threats that Indiana businesses face on a daily basis. However, a state law that requires local government agencies to report cyberattacks provides some insight into the current nature of these threats. The media often picks up on this information during their investigations.
For example, an investigative report based on cyber threat data from WRTV revealed that public school districts are often the target of certain kinds of cyber attacks. Although they don't handle as much financial information as a bank or as much personal information as a hospital, school districts do manage considerable amounts of money and personal data. Some cyberattacks on schools have targeted students for identity theft. Because students don't apply for loans or lines of credit until they are adults, the theft of their personal information may go unnoticed for many years.
The WRTV report said there were 46 cybercrime incidents targeting public schools from 2021 to 2022. The report also said the following types of cyber threats were the most common:
- Email scams, like phishing and email spoofing. Some of these message-based cyber threats are designed to get a victim to share sensitive information, such as bank passwords or account numbers, while others are designed to infect a device with a virus. These email scams often target specific important individuals inside an organization, such as a CEO.
- Distributed Denial of Service attacks (DDoS). This type of cyber threat involves flooding a system with many false requests, causing a disruption. An effective DDoS attack prevents people in an organization from performing necessary tasks, such as checking e-mail or accessing files. These attacks are usually designed to harm a company by disrupting its operations, and they rarely involve a ransom being paid to stop the attack. While a Denial of Service (DoS) attack originates from a single source, a DDoS attack comes from multiple sources, making it harder to stop.
- Vulnerability exploitation, like identity-based attacks, code injection and DNS tunneling. The WRTV report revealed that Indiana school districts were often the victim of vulnerability exploitation. These types of cyber threats can take many forms. An identity-based attack involves a hacker gaining unauthorized access to a system using valid login credentials. A code injection attack involves the insertion of malicious software into a vulnerable computer or server. DNS Tunneling involves the use of domain name system (DNS) queries and responses to get around security measures.
- Ransomware. In a typical ransomware attack, the files of a compromised system are encrypted so they cannot be accessed. Valuable data is essentially held hostage until a ransom is paid in exchange for a decryption key.
Failing to detect and block these cyber threats can be costly. Even the most minor attacks can cost thousands of dollars, which can be devastating for small organizations. For example, the network at South Madison Community School was infected with a virus in 2018, costing the district its $15,000 insurance deductible, according to the WRTV report.
A different report from Fox 59 highlighted the increase in cyberattacks against Indiana hospitals. With healthcare systems being repositories of very sensitive information, they are a high-profile target for cyber threats. More than 25 healthcare IT systems in the state have experienced cyberattacks in recent years, including nine attacks against healthcare systems in Marion County.
Interestingly, a cyberattack against Franciscan Health wasn't done to extract money or personal information. A Russia-associated hacker group called Killnet shut down the healthcare system's website for 3 hours because the hospital had participated in a fundraising campaign for supplies to Ukraine. It goes to show that cyber threats for Indiana businesses include hackers on the other side of the world who are motivated by far-off military and political events.
How to Prevent Cyber Threats in Your Business
From the biggest multinational corporations to the smallest local businesses, preventing cyber threats for Indiana businesses comes down to following best practices and committing the necessary resources.
Training
There's a saying that people are the weakest link in any cybersecurity system, and one of the most effective ways you can address cyber threats is to properly train your employees. Cybersecurity training should cover many topics, including spotting suspicious emails, handling sensitive business information, responding to a cybersecurity incident, safely browsing the internet, avoiding suspicious downloads and using authentication tools.
Access Control
It's also important to limit employee access to sensitive information according to their role in the company. For example, there's no need for maintenance staff at a hospital to access patient records. Controlling access should include both digital and physical control measures. If an employee needs additional access, there should be a secure process in place to provide temporary or permanent access. There should also be processes for when an employee leaves the company or transfers to a different location. Regular audits can help ensure that employee access is kept up to date.
Firewalls and Antivirus Software
Firewalls are critical tools that can address the most common cyber threats to your business by blocking hackers and keeping employees from dangerous websites. Firewalls should be installed on all connected devices and updated regularly. Use a Virtual Private Network to provide remote employees with secure access.
Antivirus software is another critical tool in the battle against cyber threats for Indiana businesses. Be sure to get your antivirus software from a trusted provider that regularly provides patches and updates. Antivirus software should be configured to install any updates automatically in order to avoid lapses in protection. It's also a good idea to regularly update any communications or web browsing software because these updates can include security patches.
Multi-Factor Authentication
Multi-factor authentication (MFA) is another cybersecurity best practice used to address the most common cyber threats. MFA is becoming more common in our personal lives, but in case you haven't come across it yet, MFA goes beyond asking for the standard login credentials. In order to provide an added layer of protection, MFA asks a user to prove they have something in their possession, like a smartphone or physical token. If you've ever been asked to provide a code that was texted to your phone number, then you have used MFA. Another approach is to ask users to provide a fingerprint or facial recognition scan in addition to their login credentials.
Data Management
Good data management practices are also part of any cybersecurity strategy. All of your most critical data ought to be backed up regularly. Modern backup systems can be automated and send backups to secure locations in the cloud. If you are backing up to the cloud, regular audits can make sure that all information is where it should be. Encrypt sensitive information and keep encryption keys separate from the data it decrypts.
Another best practice is to securely dispose of old company computers, devices and storage media. Hard drives and memories should be wiped clean. Storage devices should be destroyed in a way that prevents them from being read.
These are just a few effective cybersecurity practices against the most common cyber threats. Your company should have a comprehensive cybersecurity plan and a dedicated team in place. If you are in a small business with limited resources, you should consider working with a cybersecurity provider.
What to Do If Your Small Business is Targeted By a Cyber Threat
Unfortunately, cyberattacks are a common occurrence and not going anywhere anytime soon. It's not a matter of if your company will be targeted by a cyber threat, but when. In addition to battling the most common cyber threats, your Indiana business should also have a plan for when you've suffered an attack.
A common first step is to have experts assess the size and scale of the attack. Then, you should move as quickly as possible to take action against any threats. If there are physical locations related to the attack, those should be locked down immediately. Automated tools can be used to instantly scan files and generate reports on the incident.
Take the affected systems offline and change access permissions for systems still in operation. If you have backup computers and devices, switch to those when you are sure the threat has been contained. Update all login credentials and passwords that the attack may have exposed. If hackers posted messages or information online, move to clean those us as quickly as you can.
If you are in a government agency, by law, you must report a cyberattack to the Indiana Office of Technology within 48 hours after the breach has been discovered. The Office of Technology has an Incident Reporting Form online. If you are not in a government agency, you should report the incident to law enforcement. If there is an immediate threat to public safety, you should call 911. If there is no immediate threat, you should notify the FBI's Internet Crime Complaint Center, the Indianapolis Cyber Fraud Task Force, and Indiana State Police's Cybercrime and Investigative Technologies Section.
After taking immediate action to contain the threat, contacting the authorities, addressing any damages, and maintaining continuity as much as possible, begin a forensic investigation to understand how the attack happened and what steps you can take to prevent it from happening in the future.
First, consult with law enforcement to make sure your investigation doesn't compromise theirs. Then, interview the people who first discovered the attack. Avoid destroying any potential evidence. Communicate the findings of your investigation to law enforcement and stakeholders who should be privy to information about the attack.
While a forensic investigation should be ongoing, initial findings can be used to identify vulnerabilities and implement measures to beef up cybersecurity. This could involve adding extra security measures and patching any vulnerable software.
Taylored Systems Will Help Protect Your Data and Protect Your Business
At Taylored Systems, we're very familiar with the cyber threats for Indiana businesses, as our Managed IT Services include firewall support, data backups and other trusted cybersecurity measures. In fact, our cybersecurity solutions for small businesses are tailored to meet the needs of local organizations and government agencies. We also specialize in cybersecurity for cloud computing.
As good as we are at providing cybersecurity, it's only a small part of all our services. Our IT consulting services can help you get the most out of your technology investments, along with helping to protect them. We also offer government IT services for agencies that are often the focus of cyber threats. Contact us today to discuss how we can meet your cybersecurity and overall IT needs.